Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+36371.43%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+282.14%)
MixewayHubMixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
Stars: ✭ 80 (+185.71%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+2464.29%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (+157.14%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+567.86%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (+557.14%)
DependencycheckOWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Stars: ✭ 3,571 (+12653.57%)
Django DefectdojoDefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+6778.57%)
dependency-check-py🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (+57.14%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+896.43%)
dtrack-auditOWASP Dependency Track API client for intergration into CI/CD pipeline
Stars: ✭ 30 (+7.14%)
GlueApplication Security Automation
Stars: ✭ 412 (+1371.43%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+4403.57%)
cyclonedx-maven-pluginCreates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (+267.86%)
cwe-sdk-javascriptA Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-35.71%)
poc-jwtPOC about usage of JSON Web Tokens (JWT) in a secure way.
Stars: ✭ 18 (-35.71%)
owasp-zap-jwt-addonOWASP ZAP addon for finding vulnerabilities in JWT Implementations
Stars: ✭ 23 (-17.86%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (+435.71%)
cdkgoatCdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Stars: ✭ 27 (-3.57%)
nightfall dlp actionGitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.
Stars: ✭ 46 (+64.29%)
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+178.57%)
sonarqube-actionIntegrate SonarQube scanner to GitHub Actions
Stars: ✭ 90 (+221.43%)
devops-infra-demoGrowing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)
Stars: ✭ 31 (+10.71%)
cfngoatCfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Stars: ✭ 70 (+150%)
node-pom-parserParsing Java's pom.xml and properly returning the json object, including attributes and values.
Stars: ✭ 21 (-25%)
containers-security-projectA place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
Stars: ✭ 25 (-10.71%)
dotnet-security-unit-testsA web application that contains several unit tests for the purpose of .NET security
Stars: ✭ 25 (-10.71%)
owtf-dockerDocker repository for OWTF (64-bit Kali)
Stars: ✭ 32 (+14.29%)
basepomAll the base POMs in the world.
Stars: ✭ 35 (+25%)
makesA DevSecOps framework powered by Nix.
Stars: ✭ 158 (+464.29%)
oga-maven-plugin🧩 Old GroupIds Alerter - A Maven plugin that checks for deprecated groupId+artifactId (e.g. did you know that graphql-spring-boot-starter moved from com.graphql-java to com.graphql-java-kickstart?).
Stars: ✭ 22 (-21.43%)
OWASP-Calculator🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
Stars: ✭ 109 (+289.29%)
OpossumUIA light-weight app to audit and inventory large codebases for open source license compliance.
Stars: ✭ 32 (+14.29%)
jpa2ddlJPA Schema Generator Plugin
Stars: ✭ 104 (+271.43%)
log4j-cve-2021-44228Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
Stars: ✭ 58 (+107.14%)
secureCodeBox-v2This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
Stars: ✭ 23 (-17.86%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (-10.71%)
ftwFramework for Testing WAFs (FTW!)
Stars: ✭ 106 (+278.57%)
aks-baseline-regulatedThis is the Azure Kubernetes Service (AKS) baseline cluster for regulated workloads reference implementation as produced by the Microsoft Azure Architecture Center.
Stars: ✭ 73 (+160.71%)
scalafix-maven-pluginEnables automatic refactoring and linting of Maven projects written in Scala using Scalafix.
Stars: ✭ 15 (-46.43%)
cyclonedx-php-composerCreate CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-28.57%)
gitleaksProtect and discover secrets using Gitleaks 🔑
Stars: ✭ 10,520 (+37471.43%)
scalor-maven-pluginBuild integrator for Java, Scala, Scala.macro, Scala.js, Scala.native, Eclipse and Maven.
Stars: ✭ 47 (+67.86%)
netmakerNetmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+14710.71%)
webdriverio-zap-proxyDemo - how to easily build security testing for Web App, using Zap and Glue
Stars: ✭ 58 (+107.14%)